Codex/minor fixes

README.md

@@ -1,14 +1,14 @@
 # openclaw-superpowers
 
-**52 ready-to-use skills that make your AI agent autonomous, self-healing, and self-improving.**
+**53 ready-to-use skills that make your AI agent autonomous, self-healing, and self-improving.**
 
-[![Skills](https://img.shields.io/badge/skills-52-blue)](#skills-included)
+[![Skills](https://img.shields.io/badge/skills-53-blue)](#skills-included)
 [![Security](https://img.shields.io/badge/security_skills-6-green)](#security--guardrails)
-[![Cron](https://img.shields.io/badge/cron_scheduled-19-orange)](#openclaw-native-36-skills)
-[![Scripts](https://img.shields.io/badge/companion_scripts-36-purple)](#companion-scripts)
+[![Cron](https://img.shields.io/badge/cron_scheduled-20-orange)](#openclaw-native-37-skills)
+[![Scripts](https://img.shields.io/badge/companion_scripts-37-purple)](#companion-scripts)
 [![License: MIT](https://img.shields.io/badge/license-MIT-yellow.svg)](LICENSE)
 
-A plug-and-play skill library for [OpenClaw](https://github.com/openclaw/openclaw) — the open-source AI agent runtime. Gives your agent structured thinking, security guardrails, persistent memory, cron scheduling, self-recovery, and the ability to write its own new skills during conversation.
+A plug-and-play skill library for [OpenClaw](https://github.com/openclaw/openclaw) — the open-source AI agent runtime. Gives your agent structured thinking, security guardrails, persistent memory, cron scheduling, runtime verification, self-recovery, and the ability to write its own new skills during conversation.
 
 Built for developers who want their AI agent to run autonomously 24/7, not just respond to prompts in a chat window.
 
@@ -20,11 +20,12 @@ Built for developers who want their AI agent to run autonomously 24/7, not just
 
 Most AI agent frameworks give you a chatbot that forgets everything between sessions. OpenClaw is different — it runs persistently, handles multi-hour tasks, and has native cron scheduling. But out of the box, it doesn't know *how* to use those capabilities well.
 
-**openclaw-superpowers bridges that gap.** Install 52 skills in one command, and your agent immediately knows how to:
+**openclaw-superpowers bridges that gap.** Install 53 skills in one command, and your agent immediately knows how to:
 
 - **Think before it acts** — brainstorming, planning, and systematic debugging skills prevent the "dive in and break things" failure mode
 - **Protect itself** — 6 security skills detect prompt injection, block dangerous actions, audit installed code, and scan for leaked credentials
-- **Run unattended** — 19 cron-scheduled skills handle memory cleanup, health checks, budget tracking, and community monitoring while you sleep
+- **Run unattended** — 20 cron-scheduled skills handle memory cleanup, health checks, budget tracking, and community monitoring while you sleep
+- **Verify itself** — runtime verification catches missing cron registrations, stale state, dependency drift, and install layout mistakes before they silently break automation
 - **Recover from failures** — self-recovery, loop-breaking, and task handoff skills keep long-running work alive across crashes and restarts
 - **Never forget** — DAG-based memory compaction, integrity checking, context scoring, and SQLite session persistence ensure the agent preserves critical information even in month-long conversations
 - **Improve itself** — the agent can write new skills during normal conversation using `create-skill`, encoding your preferences as permanent behaviors
@@ -81,7 +82,7 @@ Methodology skills that work in any AI agent runtime. Adapted from [obra/superpo
 | `skill-conflict-detector` | Detects name shadowing and description-overlap conflicts between installed skills | `detect.py` |
 | `skill-portability-checker` | Validates OS/binary dependencies in companion scripts; catches non-portable calls | `check.py` |
 
-### OpenClaw-Native (36 skills)
+### OpenClaw-Native (37 skills)
 
 Skills that require OpenClaw's persistent runtime — cron scheduling, session state, or long-running execution. These are the skills that make a 24/7 autonomous agent actually work reliably.
 
@@ -109,6 +110,7 @@ Skills that require OpenClaw's persistent runtime — cron scheduling, session s
 | `installed-skill-auditor` | Weekly post-install audit of all skills for injection, credentials, and drift | Mondays 9am | `audit.py` |
 | `skill-loadout-manager` | Named skill profiles to manage active skill sets and prevent system prompt bloat | — | `loadout.py` |
 | `skill-compatibility-checker` | Checks installed skills against the current OpenClaw version for feature compatibility | — | `check.py` |
+| `runtime-verification-dashboard` | Verifies cron registration, state freshness, install layout, and dependency readiness across the live runtime; can dry-run or apply safe remediations | every 6h | `check.py` |
 | `heartbeat-governor` | Enforces per-skill execution budgets for cron skills; auto-pauses runaway skills | every hour | `governor.py` |
 | `community-skill-radar` | Scans Reddit for OpenClaw pain points and feature requests; writes prioritized PROPOSALS.md | every 3 days | `radar.py` |
 | `memory-graph-builder` | Parses MEMORY.md into a knowledge graph; detects duplicates, contradictions, stale entries | daily 10pm | `graph.py` |
@@ -153,16 +155,17 @@ Six skills form a defense-in-depth security layer for autonomous agents:
 
 | Feature | openclaw-superpowers | obra/superpowers | Custom prompts |
 |---|---|---|---|
-| Skills included | **52** | 8 | 0 |
+| Skills included | **53** | 8 | 0 |
 | Self-modifying (agent writes new skills) | Yes | No | No |
-| Cron scheduling | **19 scheduled skills** | No | No |
+| Cron scheduling | **20 scheduled skills** | No | No |
 | Persistent state across sessions | **YAML state schemas** | No | No |
 | Security guardrails | **6 defense-in-depth skills** | No | No |
-| Companion scripts with CLI | **36 scripts** | No | No |
+| Companion scripts with CLI | **37 scripts** | No | No |
 | Memory graph / knowledge graph | Yes | No | No |
 | SQLite session persistence + FTS5 search | Yes | No | No |
 | Sub-agent recall with token-budgeted grants | Yes | No | No |
 | MCP server health monitoring | Yes | No | No |
+| Runtime verification / observability | Yes | No | No |
 | API spend tracking & budget enforcement | Yes | No | No |
 | Community feature radar (Reddit scanning) | Yes | No | No |
 | Multi-agent coordination | Yes | No | No |
@@ -182,7 +185,7 @@ Six skills form a defense-in-depth security layer for autonomous agents:
 │   │   │   ├── SKILL.md
 │   │   │   └── TEMPLATE.md
 │   │   └── ...
-│   ├── openclaw-native/         # 36 persistent-runtime skills
+│   ├── openclaw-native/         # 37 persistent-runtime skills
 │   │   ├── memory-graph-builder/
 │   │   │   ├── SKILL.md             # Skill definition + YAML frontmatter
 │   │   │   ├── STATE_SCHEMA.yaml    # State shape (committed, versioned)
@@ -205,7 +208,7 @@ Six skills form a defense-in-depth security layer for autonomous agents:
 
 Skills marked with a script ship a small executable alongside their `SKILL.md`:
 
-- **35 Python scripts** (`run.py`, `audit.py`, `check.py`, `guard.py`, `bridge.py`, `onboard.py`, `sync.py`, `doctor.py`, `loadout.py`, `governor.py`, `detect.py`, `test.py`, `radar.py`, `graph.py`, `optimize.py`, `compact.py`, `intercept.py`, `score.py`, `integrity.py`, `persist.py`, `recall.py`) — run directly to manipulate state, generate reports, or trigger actions. Install `PyYAML` for any helper that reads or writes skill state.
+- **36 Python scripts** (`run.py`, `audit.py`, `check.py`, `guard.py`, `bridge.py`, `onboard.py`, `sync.py`, `doctor.py`, `loadout.py`, `governor.py`, `detect.py`, `test.py`, `radar.py`, `graph.py`, `optimize.py`, `compact.py`, `intercept.py`, `score.py`, `integrity.py`, `persist.py`, `recall.py`) — run directly to manipulate state, generate reports, or trigger actions. Install `PyYAML` for any helper that reads or writes skill state.
 - **`vet.sh`** — Pure bash scanner; runs on any system with grep.
 - Every script supports `--help` and `--format json`. Dry-run mode available on scripts that make changes.
 - See the `example-state.yaml` in each skill directory for sample state and a commented walkthrough of cron behaviour.

scripts/check-readme-metrics.sh

@@ -4,9 +4,9 @@ set -euo pipefail
 REPO_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
 README="$REPO_DIR/README.md"
 
-SKILL_COUNT="$(git -C "$REPO_DIR" ls-files 'skills/*/*/SKILL.md' | wc -l | tr -d '[:space:]')"
-CRON_COUNT="$(git -C "$REPO_DIR" grep -l '^cron:' -- 'skills/*/*/SKILL.md' | wc -l | tr -d '[:space:]')"
-PYTHON_SCRIPT_COUNT="$(git -C "$REPO_DIR" ls-files 'skills/**/*.py' | wc -l | tr -d '[:space:]')"
+SKILL_COUNT="$(find "$REPO_DIR/skills" -type f -name 'SKILL.md' | wc -l | tr -d '[:space:]')"
+CRON_COUNT="$(find "$REPO_DIR/skills" -type f -name 'SKILL.md' -print0 | xargs -0 grep -l '^cron:' | wc -l | tr -d '[:space:]')"
+PYTHON_SCRIPT_COUNT="$(find "$REPO_DIR/skills" -type f -name '*.py' | wc -l | tr -d '[:space:]')"
 COMPANION_SCRIPT_COUNT=$((PYTHON_SCRIPT_COUNT + 1))
 
 assert_contains() {

skills/openclaw-native/runtime-verification-dashboard/SKILL.md

@@ -0,0 +1,75 @@
+---
+name: runtime-verification-dashboard
+version: "1.0"
+category: openclaw-native
+description: Verifies skill runtime health — cron registration, state freshness, dependency readiness, and install layout drift — so autonomous agents stay observable and trustworthy.
+stateful: true
+cron: "0 */6 * * *"
+---
+
+# Runtime Verification Dashboard
+
+## What it does
+
+A skill library is only useful if the skills actually trigger, write state, and stay registered after upgrades. Runtime Verification Dashboard audits the live OpenClaw install and writes a rolling health report you can inspect in one command.
+
+It catches the gap between "the files exist" and "the runtime is healthy."
+
+## When to invoke
+
+- Automatically every 6 hours
+- After installing or upgrading openclaw-superpowers
+- When cron skills stop firing, state looks stale, or the runtime feels drifted
+- Before trusting long-running automation in production
+
+## What it checks
+
+| Check | Why it matters |
+|---|---|
+| Install layout | Detects repo-root vs skills-root path drift before scripts look in the wrong place |
+| Cron registration | Finds scheduled skills that exist on disk but are not registered with OpenClaw |
+| State freshness | Flags stateful cron skills whose state has gone stale relative to their schedule |
+| Dependency readiness | Warns when `PyYAML` or the `openclaw` CLI is unavailable |
+| Skill inventory | Records PASS / WARN / FAIL status per skill in one ledger |
+
+## How to use
+
+```bash
+python3 check.py --scan                 # Full live runtime audit
+python3 check.py --scan --failures      # Show only WARN / FAIL items
+python3 check.py --scan --skill morning-briefing
+python3 check.py --remediate            # Dry-run safe remediations
+python3 check.py --remediate --apply    # Apply safe remediations
+python3 check.py --status               # Summary from the last scan
+python3 check.py --findings             # Findings from the last scan
+python3 check.py --format json
+```
+
+## Cron wakeup behaviour
+
+Every 6 hours:
+
+1. Resolve the installed skill root
+2. Inspect every skill's frontmatter and runtime state
+3. Check cron visibility through `openclaw cron list` when available
+4. Write a summary ledger and rolling history to state
+5. Surface FAILs first, then WARNs
+
+## Safe remediations
+
+Remediation is dry-run by default. The dashboard only auto-fixes deterministic runtime issues:
+
+- `STATE_MISSING` → create the missing `state.yaml` stub
+- `CRON_NOT_REGISTERED` → re-register the cron entry through the OpenClaw CLI
+
+Everything else remains advisory. Missing dependencies, invalid frontmatter, and install-layout issues still require a human decision.
+
+## Operating rule
+
+Use this skill as the first stop when the agent's behaviour looks inconsistent with the skill files on disk. It tells you whether the problem is registration, state drift, dependency drift, or install layout drift.
+
+## State
+
+State file: `~/.openclaw/skill-state/runtime-verification-dashboard/state.yaml`
+
+Fields: `last_scan_at`, `last_remediation_at`, `summary`, `environment`, `global_findings`, `skills`, `scan_history`, `remediation_history`.

skills/openclaw-native/runtime-verification-dashboard/STATE_SCHEMA.yaml

@@ -0,0 +1,73 @@
+version: "1.0"
+description: Runtime verification summary, per-skill health ledger, and rolling scan history.
+fields:
+  last_scan_at:
+    type: datetime
+  last_remediation_at:
+    type: datetime
+  summary:
+    type: object
+    items:
+      total_skills:         { type: integer, default: 0 }
+      pass_count:           { type: integer, default: 0 }
+      warn_count:           { type: integer, default: 0 }
+      fail_count:           { type: integer, default: 0 }
+      stateful_count:       { type: integer, default: 0 }
+      scheduled_count:      { type: integer, default: 0 }
+      companion_script_count: { type: integer, default: 0 }
+  environment:
+    type: object
+    items:
+      openclaw_home:      { type: string }
+      superpowers_dir:    { type: string }
+      skills_root:        { type: string }
+      openclaw_cli_found: { type: boolean }
+      pyyaml_found:       { type: boolean }
+      cron_registry_ok:   { type: boolean }
+  global_findings:
+    type: list
+    items:
+      level:          { type: enum, values: [WARN, FAIL] }
+      check:          { type: string }
+      detail:         { type: string }
+      recommendation: { type: string }
+  skills:
+    type: list
+    items:
+      name:              { type: string }
+      category:          { type: string }
+      status:            { type: enum, values: [PASS, WARN, FAIL] }
+      stateful:          { type: boolean }
+      cron:              { type: string }
+      state_file:        { type: string }
+      companion_scripts: { type: list, items: { type: string } }
+      findings:
+        type: list
+        items:
+          level:          { type: enum, values: [WARN, FAIL] }
+          check:          { type: string }
+          detail:         { type: string }
+          recommendation: { type: string }
+  scan_history:
+    type: list
+    items:
+      scanned_at:          { type: datetime }
+      total_skills:        { type: integer }
+      pass_count:          { type: integer }
+      warn_count:          { type: integer }
+      fail_count:          { type: integer }
+      global_finding_count: { type: integer }
+  remediation_history:
+    type: list
+    items:
+      remediated_at: { type: datetime }
+      action_count:  { type: integer }
+      applied_count: { type: integer }
+      actions:
+        type: list
+        items:
+          skill:   { type: string }
+          check:   { type: string }
+          action:  { type: string }
+          outcome: { type: enum, values: [planned, applied, failed] }
+          detail:  { type: string }